def set_offset_delta(self, doffs):
newea = self.base + self.offs - doffs
minea = ida_idaapi.get_inf_structure().get_minEA()
maxea = ida_idaapi.get_inf_structure().get_maxEA()
if doffs < 0:
delta = doffs if newea < maxea else doffs - (maxea - newea)
else:
delta = doffs if newea >= minea else doffs - (minea - newea)
self._set_offs(self.offs - delta)
def paint_slider(self, addr=None, buf_size=None):
if addr is None or buf_size is None:
addr = self.base + self.offs
buf_size = self.get_pixel_qty()
lowest_ea = ida_idaapi.get_inf_structure().get_minEA()
highest_ea = ida_idaapi.get_inf_structure().get_maxEA()
start_offs = addr - lowest_ea
addr_space = highest_ea - lowest_ea
perc_s = float(start_offs) / float(addr_space)
perc_e = float(start_offs + buf_size) / float(addr_space)
bar_width = 20
spaces_bar = 5
bar_x = self.rect_x - spaces_bar - bar_width
bar_y = 5
bar_height = self.rect().height() - 2 * bar_y
self.qp.fillRect(bar_x, bar_y, bar_width, bar_height, QColor(0x191919))
slider_offs_s = perc_s * bar_height
slider_offs_e = perc_e * bar_height
spaces_slider = 1
slider_x = bar_x + spaces_slider
slider_y = bar_y + slider_offs_s
slider_width = bar_width - 2 * spaces_slider
# limit slider height to bar_height
slider_height = max(
min(slider_offs_e - slider_offs_s,
bar_height - (slider_y - bar_y)), 4)
self.qp.fillRect(slider_x, slider_y, slider_width, slider_height,
QColor(0x404040))
#self.slider_coords = ((slider_x, slider_y), (slider_x+slider_width, slider_y+slider_height))
self.qp.setPen(QColor(0x808080))
# draw addresses
addr_low = '%X:' % self.get_address()
addr_hi = '%X' % int(self.get_address() + (
(self.get_pixel_qty() / self.get_pixel_qty_per_line()) - 1) *
self.get_pixel_qty_per_line())
self.qp.drawText(
self.rect_x - self.qp.fontMetrics().width(addr_low) - bar_width -
2 * spaces_bar,
self.qp.fontMetrics().height(), addr_low)
self.qp.drawText(
self.rect_x - self.qp.fontMetrics().width(addr_hi) - bar_width -
2 * spaces_bar,
self.rect().height() - self.qp.fontMetrics().height() / 2, addr_hi)
return
def render_slider(self, addr=None, buf_size=None):
if addr is None or buf_size is None:
addr = self.base + self.offs
buf_size = self.get_pixels_total()
lowest_ea = ida_idaapi.get_inf_structure().get_minEA()
highest_ea = ida_idaapi.get_inf_structure().get_maxEA()
start_offs = addr - lowest_ea
addr_space = highest_ea - lowest_ea
perc_s = float(start_offs) / float(addr_space)
perc_e = float(start_offs + buf_size) / float(addr_space)
bar_width = 20
spaces_bar = 5
bar_x = self.rect_x - spaces_bar - bar_width
bar_y = 5
bar_height = self.rect().height() - 2 * bar_y
self.qp.fillRect(bar_x, bar_y, bar_width, bar_height, QColor(0x191919))
slider_offs_s = int(round(perc_s * bar_height))
slider_offs_e = int(round(perc_e * bar_height))
spaces_slider = 1
slider_x = bar_x + spaces_slider
slider_y = bar_y + slider_offs_s
slider_width = bar_width - 2 * spaces_slider
# limit slider height to bar_height
slider_height = max(
min(slider_offs_e - slider_offs_s,
bar_height - (slider_y - bar_y)), 4)
self.qp.fillRect(slider_x, slider_y, slider_width, slider_height,
QColor(0x404040))
# draw addresses
top = '%X:' % self.get_address()
bottom = '%X' % (self.get_address() +
((self.get_pixels_total() / self.get_width()) - 1) *
self.get_width())
self.qp.setPen(QColor(0x808080))
self.qp.drawText(
self.rect_x - self.qp.fontMetrics().width(top) - bar_width -
2 * spaces_bar,
self.qp.fontMetrics().height(), top)
self.qp.drawText(
self.rect_x - self.qp.fontMetrics().width(bottom) - bar_width -
2 * spaces_bar,
self.rect().height() - self.qp.fontMetrics().height() / 2, bottom)
return
def _guess_architecture():
"""Try to guess the current architecture."""
reg_names = ida_idp.ph_get_regnames()
inf = ida_idaapi.get_inf_structure()
if "ax" in reg_names and "xmm0" in reg_names:
if inf.is_64bit():
return "amd64"
else:
return "x86"
elif "ARM" in inf.procName:
if inf.is_64bit():
return "aarch64"
else:
raise UnhandledArchitectureType(
"Unrecognized 32-bit ARM architecture: {}".format(inf.procName)
)
elif "sparc" in inf.procName:
if inf.is_64bit():
return "sparc64"
else:
return "sparc32"
else:
raise UnhandledArchitectureType(
"Unrecognized archictecture: {}".format(inf.procName)
)
def _guess_os():
"""Try to guess the current OS"""
try:
abi_name = ida_typeinf.get_abi_name()
except:
abi_name = ida_nalt.get_abi_name()
if "OSX" == abi_name:
return "macos"
inf = ida_idaapi.get_inf_structure()
file_type = inf.filetype
if file_type in (ida_ida.f_ELF, ida_ida.f_AOUT, ida_ida.f_COFF):
return "linux"
elif file_type == ida_ida.f_MACHO:
return "macos"
elif file_type in (
ida_ida.f_PE,
ida_ida.f_EXE,
ida_ida.f_EXE_old,
ida_ida.f_COM,
ida_ida.f_COM_old,
):
return "windows"
else:
raise UnhandledOSException("Unrecognized OS type")
def database_inited(self, *_):
info = ida_idaapi.get_inf_structure()
if info.is_64bit():
print("[AMIE] Using AArch64 architecture")
self.arch = AArch64()
else:
print("[AMIE] Using AArch32 architecture")
self.arch = AArch32()
def getArchitecture(self):
# https://reverseengineering.stackexchange.com/a/11398
info = ida_idaapi.get_inf_structure()
procname = info.procName
if procname in self._processor_map:
return self._processor_map[procname]
else:
raise ValueError("Unsupported Architecture")
def init(self):
info = ida_idaapi.get_inf_structure()
if info.procName != "ARM":
return ida_idaapi.PLUGIN_SKIP
ida_kernwin.UI_Hooks.hook(self)
ida_idp.IDP_Hooks.hook(self)
print("[AMIE] Plugin v%s initialized" % AMIE.version)
return ida_idaapi.PLUGIN_KEEP
def getBitness(self):
# https://reverseengineering.stackexchange.com/a/11398
bits = None
info = ida_idaapi.get_inf_structure()
if info.is_64bit():
bits = 64
elif info.is_32bit():
bits = 32
else:
bits = 16
return bits
def __init__(self):
ida_idp.IDP_Hooks.__init__(self)
ida_kernwin.UI_Hooks.__init__(self)
self.hexrays_support = False
info = ida_idaapi.get_inf_structure()
if info.procName == "ARM":
if info.is_64bit():
print("[AMIE] Using AArch64 architecture")
self.arch = AArch64()
else:
print("[AMIE] Using AArch32 architecture")
self.arch = AArch32()
else:
self.arch = None
def _get_ip_val():
inf = get_inf_structure()
proc_name = inf.procName.lower()
regname = ""
if proc_name == "metapc":
if inf.is_64bit():
regname = "rip"
elif inf.is_32bit():
regname = "eip"
else:
regname = "ip"
elif proc_name == "arm":
regname = "pc"
rv = regval_t()
if get_reg_val(regname, rv):
return rv.ival
return None
def get_ptr(ea=None):
"""
Recuperate the value of a pointer at an address. This will handle
automatically the correct size of the pointer.
:param int ea: the address at which get the pointer value. If
``None`` the screen address is used.
:return: the pointer value
"""
if ea is None:
ea = ida_kernwin.get_screen_ea()
info = ida_idaapi.get_inf_structure()
if info.is_64bit():
return ida_bytes.get_qword(ea)
elif info.is_32bit():
return ida_bytes.get_wide_dword(ea)
else:
return ida_bytes.get_wide_word(ea)
def import_types():
"""
Import external types from 'types' directory
"""
# just in case uefi type library is not loaded
add_til("uefi64" if get_inf_structure().is_64bit() else "uefi",
ADDTIL_DEFAULT)
types_dir = EfiTools.types_dir
for type_file in os.listdir(types_dir):
print("Importing types from %s... " % type_file, end="")
file_path = os.path.join(types_dir, type_file)
errors = parse_decls(cvar.idati, file_path, None, HTI_FIL)
if errors != 0:
print("some types were not imported correctly!")
else:
print()
def __process_general(self):
info_struct = ida_idaapi.get_inf_structure()
#architecture
arch = info_struct.procname
if arch == 'metapc':
arch = 'x86'
elif arch == 'ARM':
arch = 'arm'
#bitness
bitness = 16
if info_struct.is_64bit():
bitness = 64
elif info_struct.is_32bit():
bitness = 32
result = {
'filename': ida_nalt.get_root_filename(),
'architecture': arch,
'bitness': bitness
}
return result
def deref_size(self, size):
self.tf.write('deref_size : %d' % size)
f = self.stack.pop()
if f.issymb:
s = stk_entry(True, 'MEM[%s]' % f.value)
s.stack.append(s)
else:
inf = ida_idaapi.get_inf_structure()
if f.value in range(inf.min_ea, inf.max_ea):
val_ = ida_bytes.get_bytes(f.value, size)
x, r = divmod(len(val_), stk_entry.maxsize())
for i in range(0, x):
if hasattr(int, 'from_bytes'):
s = stk_entry(
False,
int.from_bytes(
bytearray(val_)[i:i + stk_entry.maxsize()],
'little',
signed=False))
else:
s = stk_entry(
False,
struct.unpack(
'<Q',
bytearray(val_)[i:i + stk_entry.maxsize()])[0])
self.stack.append(s)
if hasattr(int, 'from_bytes'):
s = stk_entry(
False,
int.from_bytes(
bytearray(val_)[x * stk_entry.maxsize():x *
stk_entry.maxsize() + r],
'little',
signed=False))
else:
if r == 1:
s = stk_entry(
False,
struct.unpack(
'B',
bytearray(val_)[x * stk_entry.maxsize():x *
stk_entry.maxsize() + r])[0])
elif r == 2:
s = stk_entry(
False,
struct.unpack(
'<H',
bytearray(val_)[x * stk_entry.maxsize():x *
stk_entry.maxsize() + r])[0])
elif r == 4:
s = stk_entry(
False,
struct.unpack(
'<I',
bytearray(val_)[x * stk_entry.maxsize():x *
stk_entry.maxsize() + r])[0])
self.stack.append(s)
else: # if memory not mapped in IDB, symbolize it.
self.tf.write('attenting to access %s' % hex(f))
s = stk_entry(True, 'MEM_%s' % hex(f))
self.stack.append(s)
from nesldr.ioregs import *
from nesldr.mappers import *
import ida_netnode
from ida_loader import file2base, FILEREG_PATCHABLE
from ida_idp import ph, PLFM_6502, set_processor_type, SETPROC_LOADER_NON_FATAL
from ida_kernwin import msg, warning
from ida_segment import add_segm, set_segm_addressing, getseg
from ida_bytes import del_items, create_data, byte_flag, word_flag, set_cmt, get_word
from ida_name import set_name
from ida_entry import add_entry
from ida_offset import op_offset
from ida_lines import add_extra_line
from ida_idaapi import get_inf_structure
from ida_nalt import get_root_filename
inf = get_inf_structure()
def YES_NO(condition):
return ("yes" if condition else "no")
hdr = ines_hdr()
def readinto(li, struct):
buf = li.read(sizeof(struct))
if len(buf) != sizeof(struct):
return False
else:
memmove(addressof(struct), (buf), sizeof(struct))
def keyReleaseEvent(self, event):
update = False
key = event.key()
modifiers = event.modifiers()
shift_pressed = ((modifiers & Qt.ShiftModifier) == Qt.ShiftModifier)
ctrl_pressed = ((modifiers & Qt.ControlModifier) == Qt.ControlModifier)
if key == Qt.Key_F1 and ctrl_pressed:
self.show_help()
elif key == Qt.Key_G:
addr = ask_addr(self.base + self.offs, 'Jump to address')
if addr is not None:
if self.sync:
ida_kernwin.jumpto(addr)
else:
minea = ida_idaapi.get_inf_structure().get_minEA()
maxea = ida_idaapi.get_inf_structure().get_maxEA()
dst = min(max(addr, minea), maxea)
self.set_addr(dst)
elif key == Qt.Key_S:
if not self.fm.lock_sync:
self.set_sync_state(not self.get_sync_state())
update = True
elif key == Qt.Key_T:
self.render_data = not self.render_data
self.repaint()
elif key == Qt.Key_D:
self.cur_formatter_idx = (self.cur_formatter_idx +
1) % self.max_formatters
self.repaint()
elif key == Qt.Key_N:
self.next_filter.emit()
elif key == Qt.Key_B:
self.prev_filter.emit()
elif key == Qt.Key_F2:
hlp = self.fm.help
if hlp is None:
hlp = 'Help unavailable'
ida_kernwin.info('%s\n\n' % hlp)
elif key == Qt.Key_F12:
img = self.render_image(cursor=False)
img = img.scaled(img.width() * self.pixelSize,
img.height() * self.pixelSize, Qt.KeepAspectRatio,
Qt.FastTransformation)
done = False
i = 0
while not done:
fname = 'IDACyber_%04d.bmp' % i
if not os.path.isfile(fname):
if img.save(fname):
ida_kernwin.msg('File exported to %s\n' % fname)
else:
ida_kernwin.warning(
'Error exporting screenshot to %s.' % fname)
done = True
i += 1
if i > 40:
ida_kernwin.warning('Aborted. Error exporting screenshot.')
break
elif key == Qt.Key_PageDown:
self.set_offset_delta(-self.get_pixels_total())
update = True
elif key == Qt.Key_PageUp:
self.set_offset_delta(self.get_pixels_total())
update = True
elif key == Qt.Key_Down:
if shift_pressed:
self.set_offset_delta(-1)
else:
self.set_offset_delta(-self.get_width())
update = True
elif key == Qt.Key_Up:
if shift_pressed:
self.set_offset_delta(1)
else:
self.set_offset_delta(self.get_width())
update = True
elif key == Qt.Key_Plus:
if ctrl_pressed:
self.set_zoom_delta(1)
update = True
elif key == Qt.Key_Minus:
if ctrl_pressed:
self.set_zoom_delta(-1)
update = True
self.key = None
if update:
if self.get_sync_state():
ida_kernwin.jumpto(self.base + self.offs)
self.activateWindow()
self.setFocus()
self.statechanged.emit()
self.repaint()
return
def is_64bit(self):
inf = ida_idaapi.get_inf_structure()
#target_filetype = inf.filetype
return inf.is_64bit()